Current-Users archive


Re: gpg can't get random/entropy



On Tue, May 15, 2012 at 09:57:58AM -0400, Julio Merino wrote:
> 
> Out of curiosity: why are networking drivers disabled by default?  Is
> it because an attacker could generate traffic to the machine on
> purpose and somehow predict the gathered entropy?

Yes -- you don't want to get into the situation in which the only, or
almost the only, source of entropy is visible to the attacker.  It makes
iterative guessing attacks easier.

Also, taking timings in some network drivers can have a major negative
impact on performance.

Carrying over entropy across boot, as we do now by default, and mixing in
more sources of information (environmental information and timings from
the VM system being two examples) are meant to help with this problem.
I am guessing your system isn't getting much if any entropy from those,
and that the entropy pool's always depleted by shutdown time, so you don't
carry much across boot either?

On such a system, if you're ever mixing in any real entropy at all, the
best you can do, if you must generate keys, may be to replace /dev/random
with a symlink to /dev/urandom.

Thor

